Permissions Required
You must have the required permissions or rights assigned to the user account that you are logged into when you try to back up or restore files and folders.
To create Exchange backups, you must have domain level backup operator rights. To restore Exchange 2003 backups, you must have full Exchange administrator rights for the domain. To create backups of your Windows Server 2003 operating system, you must have, at a minimum, local backup operator rights. To restore a backup of a Windows Server 2003 operating system, you must have local administrator rights.
Disaster recovery permissions
| Task | Minimum permissions |
|---|---|
Exchange backups |
Domain backup operator |
Exchange restore operations |
Full Exchange administrator |
Windows backups |
Local backup operator |
Windows restore operations |
Local administrator rights |
Important
Logging onto a computer by using administrative credentials might pose a security risk to the computer and network. Therefore, as a security best practice, do not log on to a computer by using administrative credentials when you want to perform routine backup operations. Instead, you can use Run as to start applications or additional commands in a different security context without having to log off. Run as prompts you to type different credentials before it allows you to run the application or command. For more information, see "Using Run as" in the Windows Server 2003, Standard Edition online Help.
For more information about permissions, see "Managing an Exchange Server 2003 Organization" in the Exchange Server 2003 Administration Guide and "Permissions and user rights required to back up and restore" in the Windows Server 2003, Standard Edition online Help.
Accounts and their backup privileges
| Account is a member of | Backup privileges |
|---|---|
Local Administrators group |
Can back up most files and folders on the computer where your account is a member of the Local Administrators group. If you are a local administrator on an Exchange member server, you cannot back up Exchange database files unless you are also a member of the Backup Operator or Domain Administrator groups. |
Domain Administrators group |
Can back up all files and folders on all computers in the domain. |
Local Backup Operators group |
Can back up all files and folders on the computer where your account is a member of the Local Backup Operators group. |
Domain Backup Operators group |
Can back up all files and folders on all computers in the domain. |
Any other domain or local group |
Can back up all files and folders that your account owns. Can back up files or folders for which your account has Read, Read and Execute, Modify, or Full Control permissions. |